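/// <summary>
/// Validates the encrypted "aries_safekey" request cookie and reports whether it is still inside its validity window.
/// </summary>
/// <param name="second">Upper bound for the computed age; 0 skips the age check and accepts any cookie whose decrypted value starts with "aries:".</param>
/// <returns>true when the cookie decrypts to an "aries:"-prefixed value that passes the age check; otherwise false.</returns>
private bool CheckSafeKey(int second)
{
    HttpCookie cookie = HttpContext.Current.Request.Cookies["aries_safekey"];
    if (cookie == null)
    {
        return false;
    }

    // The cookie value is client-controlled. A tampered or stale value may not decrypt to anything
    // usable, so a null/empty result is rejected instead of being dereferenced.
    string value = EncrpytHelper.Decrypt(cookie.Value);

    // Ordinal comparison: the prefix is a protocol marker, not linguistic text, so culture rules
    // must not decide whether it matches.
    if (string.IsNullOrEmpty(value) || !value.StartsWith("aries:", StringComparison.Ordinal))
    {
        return false;
    }

    if (second == 0)
    {
        return true;
    }

    // StartsWith("aries:") guarantees that Split(':') yields at least two elements.
    int time;
    if (!int.TryParse(value.Split(':')[1], out time))
    {
        return false;
    }

    // Same number as int.Parse(DateTime.Now.ToString("HHmmss")), built without a string round trip.
    DateTime now = DateTime.Now;
    int result = (now.Hour * 10000 + now.Minute * 100 + now.Second) - time;

    // NOTE(review): this subtracts two HHmmss-encoded integers, which is not a difference in seconds.
    // Crossing a minute boundary adds 40 and crossing an hour boundary adds 4000, so the key can be
    // rejected earlier than `second` suggests, and a key issued before midnight is rejected after it.
    // The timestamp also carries no date, so a key issued on an earlier day at a slightly earlier
    // clock time also satisfies this check. Confirm the cookie writer's format and whether a full
    // timestamp should be used instead.
#if DEBUG
    return result > -1 && result < 120; // fixed two-minute window for debugging
#else
    return result > -1 && result < second;
#endif
}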
// Maps loginID -> token. Not referenced inside GetAuthToken below.
// NOTE(review): a static Dictionary is shared by all requests and is not safe for concurrent writes — confirm how it is accessed elsewhere.
private static Dictionary <string, string> pcTokenList = new Dictionary <string, string>();
/// <summary>
/// Gets an authorization token (the mobile app calls this at login and uses the token as its login credential).
/// </summary>
/// <param name="userName">Login name supplied by the caller; in the parameterized branch it is also matched against Phone and Email.</param>
/// <param name="password">Password supplied by the caller; it is encrypted and compared with the stored value.</param>
/// <param name="errMsg">Receives a user-facing error message, or an empty string on success.</param>
/// <returns>The encrypted token on success; an empty string when login fails.</returns>
public static string GetAuthToken(string userName, string password, out string errMsg)
{
    string token = string.Empty;
    errMsg = string.Empty;
    using (MAction action = new MAction(TableNames.Sys_User))
    {
        string where = string.Empty;
        if (action.DalType == DalType.Txt || action.DalType == DalType.Xml)
        {
            // NOTE(review): as shown, the format string has no placeholder, so userName is ignored
            // (the literal looks masked). If the real code interpolates userName between the quotes,
            // this branch builds the filter from untrusted input and needs validation or escaping.
            where = string.Format("Status=1 and UserName='******'", userName);
        }
        else
        {
            // Bound parameter: the user-supplied value never becomes part of the where text.
            action.SetPara("UserName", userName, System.Data.DbType.String);
            where = "Status=1 and (UserName=@UserName or Phone=@UserName or Email=@UserName)";
        }
        if (action.Fill(where))
        {
            // NOTE(review): expiry is reported before the password is checked, and the "account does
            // not exist" message below differs from the wrong-password message. Both let a caller
            // learn which accounts exist without knowing a password.
            if (action.Get <DateTime>(Sys_User.PwdExpiredTime, DateTime.MaxValue) < DateTime.Now)
            {
                errMsg = "账号密码已过期!";
            }
            else
            {
                string pwd = action.Get <string>(Sys_User.Password);
                // NOTE(review): the stored password is compared with EncrpytHelper.Encrypt(password).
                // If that transform is reversible, a leaked key or database exposes every password;
                // a salted password hash is the usual design. The == comparison is not constant-time.
                if (pwd == EncrpytHelper.Encrypt(password))
                {
                    string userID = action.Get <string>(Sys_User.UserID);
                    userName = action.Get <string>(Sys_User.UserName);
                    string fullName = action.Get <string>(Sys_User.FullName, userName);
                    // Text/XML stores get a read-modify-write counter; other providers increment in the database.
                    if (action.DalType == DalType.Txt || action.DalType == DalType.Xml)
                    {
                        action.Set(Sys_User.LoginCount, action.Get <int>(Sys_User.LoginCount, 0) + 1);
                    }
                    else
                    {
                        action.SetExpression("LoginCount=[#ISNULL](LoginCount,0)+1");
                    }
                    action.Set(Sys_User.LastLoginTime, DateTime.Now);
                    action.Set(Sys_User.LastLoginIP, HttpContext.Current.Request.UserHostAddress);
                    //action.SetPara("UserName", userName, System.Data.DbType.String);
                    action.Update(where); // persist the login bookkeeping fields
                    // Read the role IDs for the token.
                    string roleIDs = action.Get <string>(Sys_User.RoleIDs);
                    // NOTE(review): the token is the encryption of comma-joined fields. The only
                    // time component is the day of the month, so it carries no real expiry. The
                    // fields are not escaped, so a ',' inside userName or fullName shifts every
                    // later field (including roleIDs) for any consumer that splits on ','. Confirm
                    // that those values cannot contain commas and that the cipher is authenticated.
                    token = EncrpytHelper.Encrypt(DateTime.Now.Day + "," + userID + "," + userName + "," + fullName + "," + roleIDs);
                }
                else
                {
                    errMsg = "用户名或密码错误!";
                }
            }
        }
        else
        {
            errMsg = "账号不存在!";
        }
    }
    return(token);
}
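/// <summary>
/// Stores a new password for the user identified by <c>UserID</c>.
/// </summary>
/// <param name="password">The new password in clear text; it is passed through <c>EncrpytHelper.Encrypt</c> before being stored.</param>
/// <returns>The result of the update; false when <paramref name="password"/> is null or empty.</returns>
public static bool ChangePassword(string password)
{
    // Refuse to overwrite the stored credential with an empty one.
    if (string.IsNullOrEmpty(password))
    {
        return false;
    }

    // NOTE(review): nothing here verifies the current password or the caller's session. Confirm that
    // every caller re-authenticates the user first, otherwise a hijacked session can replace the password.
    // NOTE(review): the value is stored via EncrpytHelper.Encrypt. If that is reversible encryption
    // rather than a salted password hash, stored passwords are recoverable by anyone holding the key.
    using (MAction action = new MAction(U_AriesEnum.Sys_User))
    {
        action.Set(Sys_User.Password, EncrpytHelper.Encrypt(password));
        return action.Update(UserID);
    }
}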
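/// <summary>
/// Decrypts the current <c>Token</c> and returns one of its comma-separated fields.
/// </summary>
/// <param name="index">Zero-based position of the field to return.</param>
/// <returns>The field at <paramref name="index"/>, or an empty string when the token is missing, does not decrypt, or has no such field.</returns>
private static string GetTokenValue(int index)
{
    // A negative index would pass the "Length > index" check below and then throw on the array access.
    if (index < 0)
    {
        return string.Empty;
    }

    string token = Token;
    if (string.IsNullOrEmpty(token))
    {
        return string.Empty;
    }

    string text = EncrpytHelper.Decrypt(token);
    if (string.IsNullOrEmpty(text))
    {
        return string.Empty;
    }

    // NOTE(review): fields are located purely by position after splitting on ','. If any field put
    // into the token can itself contain a comma, every later field shifts. Confirm that the token
    // writer rejects or escapes commas, and that the cipher is authenticated so a modified token
    // fails to decrypt.
    string[] items = text.Split(',');
    return items.Length > index ? items[index] : string.Empty;
}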
/// <summary>
/// Serves a single-row read. For "Sys_User" the row is read from the V_SYS_UserList object and its
/// Password column is decrypted before the row is serialized; every other table goes to the base implementation.
/// </summary>
public override void Get()
{
    if (TableName != "Sys_User")
    {
        base.Get();
        return;
    }

    ObjName = "V_SYS_UserList";
    MDataRow row = GetOne();
    if (row == null)
    {
        return;
    }

    // NOTE(review): this puts the user's clear-text password into the JSON response. Anyone who can
    // call this endpoint for a given row, or who can read the response (proxy logs, browser cache,
    // XSS), obtains the password. It also shows that passwords are stored reversibly. Prefer never
    // returning the column, and treat a blank password on save as "leave unchanged".
    string storedPassword = row.Get<string>("Password");
    row.Set("Password", EncrpytHelper.Decrypt(storedPassword));
    jsonResult = row.ToJson();
}
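/// <summary>
/// Checks that the login name in the "uid" request value has an active row in data0073 and, when
/// <paramref name="type"/> is 1, rewrites the auth token and cookie for that user.
/// </summary>
/// <param name="type">1 when called directly from a page, in which case the token is rewritten.</param>
/// <param name="result">Incoming result flag; passed by value, so changes made here only affect the JSON written below.</param>
/// <param name="errMsg">Incoming message; passed by value, so changes made here only affect the JSON written below.</param>
public void companyAuth(byte type, bool result, string errMsg)
{
    // "uid" comes straight from the request and must be treated as untrusted.
    string userName = Query<string>("uid");

    using (MAction action = new MAction("data0073", CrossDb.GetConn("data0073")))
    {
        // Bind the request value as a parameter instead of formatting it into the where clause, so
        // quotes in "uid" cannot change the query.
        // Assumes the data0073 connection is a SQL provider that supports bound parameters — confirm.
        action.SetPara("UserName", userName, System.Data.DbType.String);
        string where = "USER_LOGIN_NAME=@UserName AND ACTIVE_FLAG=0";

        MDataRow row = null;
        if (action.Fill(where))
        {
            row = action.Data;
        }
        if (row == null || row.Count == 0)
        {
            result = false;
            errMsg = LangConst.NoCompanyAuth;
        }
    }

    if (type == 1) // called directly from a page: rewrite the token
    {
        // NOTE(review): this branch runs even when the company check above set result to false, and
        // it issues a token and cookie for whatever "uid" names without any credential check that
        // is visible here. Confirm that the caller has already authenticated this user, and whether
        // issuance should be skipped when result is false.
        using (MAction action = new MAction(TableNames.Sys_User))
        {
            // NOTE(review): as shown, the format string has no placeholder, so userName is ignored
            // (the literal looks masked). If the real code interpolates userName between the quotes,
            // it has the same injection exposure that the first query had.
            string where = string.Format("Status=1 and UserName='******'", userName);
            if (action.Fill(where))
            {
                string userID = action.Get<string>(Sys_User.UserID);
                userName = action.Get<string>(Sys_User.UserName);
                string fullName = action.Get<string>(Sys_User.FullName, userName);
                string roleIDs = action.Get<string>(Sys_User.RoleIDs);
                // The token fields are comma-joined without escaping, and the day of the month is the only time component.
                string token = EncrpytHelper.Encrypt(DateTime.Now.Day + "," + userID + "," + userName + "," + fullName + "," + roleIDs);
                UserAuth.SetToken(token, userName);
                UserAuth.WriteCookie(token, userName, "");
            }
            else
            {
                result = false;
                errMsg = LangConst.UserNotExists;
            }
        }
    }

    jsonResult = JsonHelper.OutResult(result, errMsg);
}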
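/// <summary>
/// Adds a user (by CYQ): inserts the Sys_User row with the password encrypted, then the matching
/// Sys_UserInfo row, inside one transaction.
/// </summary>
/// <returns>
/// The JSON result: success, "account already exists", or failure. Failure was previously returned as
/// an empty string because the failure message sat on a branch where <c>result</c> was always true.
/// </returns>
public string AddUser()
{
    bool result = false;
    bool alreadyExists = false;

    // NOTE(review): userName is read but the Exists filter shown below does not reference it (the
    // literal looks masked). If the real code places userName between the quotes, it is request
    // input and must be bound as a parameter or escaped.
    string userName = Query<string>("userName");
    string pwd = Query<string>("password");

    using (MAction action = new MAction(TableNames.Sys_User))
    {
        action.BeginTransation();
        if (action.Exists("UserName = '******'"))
        {
            alreadyExists = true;
        }
        else
        {
            // NOTE(review): the password is stored via EncrpytHelper.Encrypt. If that is reversible,
            // prefer a salted password hash. No check for an empty or weak password is visible here.
            action.Set("Password", EncrpytHelper.Encrypt(pwd));
            if (action.Insert(true, InsertOp.ID))
            {
                string userID = action.Get<string>(Sys_User.UserID);

                // Reuse the same action (and transaction) for the companion Sys_UserInfo row, keyed by the new user id.
                action.ResetTable(TableNames.Sys_UserInfo);
                action.Set(Sys_UserInfo.UserInfoID, userID);
                action.AllowInsertID = true;
                result = action.Insert(true);
                if (!result)
                {
                    // Undo the Sys_User insert so no half-created account remains.
                    action.RollBack();
                }
            }
        }
        action.EndTransation();
    }

    if (alreadyExists)
    {
        return JsonHelper.OutResult(false, "帐号已存在,请重新输入");
    }
    return JsonHelper.OutResult(result, result ? "添加用户成功!" : "添加用户失败!");
}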
/// <summary>
/// Updates a user (by CYQ): updates the Sys_User row named by the "UserID" request value, optionally
/// replacing its password, then updates or inserts the matching Sys_UserInfo row in the same transaction.
/// </summary>
/// <returns>The JSON result carrying the success flag and a success or failure message.</returns>
public string UpdateUser()
{
    bool result = false;
    string pwd = Query <string>("Password");
    // NOTE(review): the target row is chosen by a request value, and no check that the caller may
    // edit this user is visible here. Confirm that authorization happens before this method runs,
    // otherwise any caller can reset another account's password.
    string userID = Query <string>("UserID");
    using (MAction action = new MAction(TableNames.Sys_User))
    {
        action.BeginTransation();
        // An empty password leaves the stored one untouched.
        if (!string.IsNullOrEmpty(pwd))
        {
            // NOTE(review): stored via EncrpytHelper.Encrypt; if that is reversible, prefer a salted password hash.
            action.Set(Sys_User.Password, EncrpytHelper.Encrypt(pwd)); // encrypt
        }
        result = action.Update(userID, true);
        if (result)
        {
            // Switch the same action (and transaction) to the companion table.
            action.ResetTable(TableNames.Sys_UserInfo);
            if (action.Exists(userID))
            {
                if (action.Data.Count > 1) // has custom columns
                {
                    result = action.Update(userID, true);
                }
            }
            else
            {
                // No companion row yet: create one keyed by the user id.
                action.Set(Sys_UserInfo.UserInfoID, userID);
                action.AllowInsertID = true;
                result = action.Insert(true);
            }
        }
        if (!result)
        {
            action.RollBack();
        }
        action.EndTransation();
    }
    return(JsonHelper.OutResult(result, result ? "更新成功!" : "更新失败!"));
}
/// <summary>
/// Saves a user profile through the <c>dyt.UserProfileSave</c> stored procedure on the supplied
/// connection and transaction, and writes the resulting user id back onto the profile.
/// </summary>
/// <param name="databaseSettings">Supplies the server name sent as @uServerName.</param>
/// <param name="userID">Not used inside this method.</param>
/// <param name="connection">Open connection on which the command is created.</param>
/// <param name="transaction">Transaction the command is enlisted in.</param>
/// <param name="userProfile">Profile to save; its UserID is overwritten with the @UserID output value.</param>
/// <returns>The same <paramref name="userProfile"/> instance after the save.</returns>
public static async Task<UserProfile> UserProfileSave(DatabaseSettings databaseSettings, Guid userID, SqlConnection connection, SqlTransaction transaction, UserProfile userProfile)
{
    using (SqlCommand command = connection.CreateCommand())
    {
        command.CommandText = "dyt.UserProfileSave";
        command.CommandType = CommandType.StoredProcedure;
        command.Connection = connection;
        command.Transaction = transaction;

        // Every value is sent as a typed, sized parameter; nothing is concatenated into SQL text.
        command.Parameters.Add("@uMachineName", SqlDbType.NVarChar, 50).Value = Environment.MachineName;
        command.Parameters.Add("@uServerName", SqlDbType.NVarChar, 50).Value = databaseSettings.Name;
        command.Parameters.Add("@uAppName", SqlDbType.NVarChar, 50).Value = "Daytona";

        // An empty Guid is sent as NULL, and the id is read back from this parameter after execution.
        SqlParameter userIdParameter = command.Parameters.Add("@UserID", SqlDbType.UniqueIdentifier);
        userIdParameter.Direction = ParameterDirection.InputOutput;
        userIdParameter.Value = Guid.Empty.Equals(userProfile.UserID) ? (object)DBNull.Value : userProfile.UserID;

        command.Parameters.Add("@FirstName", SqlDbType.NVarChar, 30).Value = userProfile.FirstName;
        command.Parameters.Add("@LastName", SqlDbType.NVarChar, 30).Value = userProfile.LastName;
        command.Parameters.Add("@Email", SqlDbType.NVarChar, 255).Value = userProfile.Email;

        SqlParameter mobilePhoneParameter = command.Parameters.Add("@MobilePhone", SqlDbType.NVarChar, 50);
        mobilePhoneParameter.Value = string.IsNullOrEmpty(userProfile.MobilePhone) ? (object)DBNull.Value : userProfile.MobilePhone;

        // NOTE(review): the password is lower-cased before hashing, which makes login case-insensitive
        // and shrinks the password space. ToLower() is also culture-sensitive, so the same password
        // can hash differently under another server culture (for example Turkish 'I'). Confirm that
        // the verification side applies the same transform, and whether SecureHash is a salted,
        // slow password hash.
        string loginPasswordHash = string.Empty;
        if (!string.IsNullOrEmpty(userProfile.Password))
        {
            loginPasswordHash = EncrpytHelper.SecureHash(userProfile.Password.ToLower());
        }

        // Never assigned anything else in this method, so it is always sent as an empty string.
        string passwordValidityHash = string.Empty;

        command.Parameters.Add("@LoginPasswordHash", SqlDbType.VarChar, 255).Value = loginPasswordHash ?? string.Empty;
        command.Parameters.Add("@PasswordValidityHash", SqlDbType.VarChar, 255).Value = passwordValidityHash ?? string.Empty;
        command.Parameters.Add("@IsPasswordChangeRequired", SqlDbType.Bit).Value = userProfile.IsPasswordChangeRequired;
        command.Parameters.Add("@LoginID", SqlDbType.NVarChar, 50).Value = userProfile.LoginID;
        command.Parameters.Add("@IsLoginAllowed", SqlDbType.Bit).Value = userProfile.IsLoginAllowed;
        command.Parameters.Add("@Name", SqlDbType.NVarChar, 50).Value = userProfile.Name;

        await command.ExecuteNonQueryAsync();

        // The cast throws if the procedure leaves @UserID as NULL.
        userProfile.UserID = (Guid)command.Parameters["@UserID"].Value;
        return userProfile;
    }
}
/// <summary>
/// Calls the <c>csAuthenticateUser</c> stored procedure with the login id and the encrypted password
/// and copies the returned UserID, LoginID and Name columns onto a new <c>User</c>.
/// </summary>
/// <param name="databaseSettings">Supplies the connection string.</param>
/// <param name="loginID">Login id supplied by the caller.</param>
/// <param name="loginPassword">Clear-text password supplied by the caller.</param>
/// <returns>
/// A <c>User</c> instance in every case. When the procedure returns no rows, the instance keeps the
/// values its constructor gave it.
/// </returns>
public static User AuthenticateUser(DatabaseSettings databaseSettings, string loginID, string loginPassword)
{
    // NOTE(review): a failed login still returns a non-null User. Callers must check a populated
    // field (such as UserID) and must not treat "not null" as "authenticated".
    User user = new User();

    using (SqlConnection connection = new SqlConnection(databaseSettings.SqlClientConnectionString))
    {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand())
        {
            command.CommandType = CommandType.StoredProcedure;
            command.CommandText = "csAuthenticateUser";

            SqlParameter loginIdParameter = command.Parameters.Add("@LoginID", SqlDbType.NVarChar, 50);
            loginIdParameter.Value = loginID;

            // NOTE(review): the password is encrypted with a key held in ProjectConstants and compared
            // inside the procedure. A constant application key makes stored passwords recoverable by
            // anyone holding the key; a salted password hash is the usual design. The parameter is
            // also declared as 50 characters — confirm the ciphertext always fits that declared size.
            SqlParameter passwordParameter = command.Parameters.Add("@LoginPassword", SqlDbType.NVarChar, 50);
            passwordParameter.Value = EncrpytHelper.Encrypt(loginPassword, ProjectConstants.FullEncryptionKey);

            using (SqlDataReader reader = command.ExecuteReader())
            {
                // If several rows come back, the values from the last row win.
                while (reader.Read())
                {
                    object userIdValue = reader["UserID"];
                    if (!Convert.IsDBNull(userIdValue))
                    {
                        user.UserID = (Guid)userIdValue;
                    }

                    object loginIdValue = reader["LoginID"];
                    if (!Convert.IsDBNull(loginIdValue))
                    {
                        user.LoginID = (string)loginIdValue;
                    }

                    object nameValue = reader["Name"];
                    if (!Convert.IsDBNull(nameValue))
                    {
                        user.Name = (string)nameValue;
                    }
                }
                reader.Close();
            }
            connection.Close();
        }
    }

    return user;
}